Add config option to allow anonymous reporting
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
parent
2e64da11e3
commit
dac47d2abb
@ -26,6 +26,7 @@ Also make sure to remove the `EnvironmentFile=` line from the systemd service an
|
||||
- Duplicate an event
|
||||
- Ability to handle basic administration settings in the admin panel
|
||||
- Added physical address change to the list of important changes that trigger event notifications
|
||||
- Config option to allow anonymous reporting
|
||||
|
||||
### Changed
|
||||
- Configuration handling (see above)
|
||||
|
@ -202,6 +202,9 @@ config :mobilizon, :anonymous,
|
||||
],
|
||||
captcha: [enabled: false]
|
||||
}
|
||||
],
|
||||
reports: [
|
||||
allowed: false
|
||||
]
|
||||
|
||||
config :mobilizon, Oban,
|
||||
|
@ -92,6 +92,11 @@ config :mobilizon, :instance,
|
||||
|
||||
# config :mobilizon, :activitypub, sign_object_fetches: false
|
||||
|
||||
config :mobilizon, :anonymous,
|
||||
reports: [
|
||||
allowed: true
|
||||
]
|
||||
|
||||
require Logger
|
||||
|
||||
cond do
|
||||
|
@ -62,7 +62,7 @@ export const COMMENTS_THREADS = gql`
|
||||
}
|
||||
}
|
||||
}
|
||||
${COMMENT_RECURSIVE_FRAGMENT}
|
||||
${COMMENT_FIELDS_FRAGMENT}
|
||||
`;
|
||||
|
||||
export const CREATE_COMMENT_FROM_EVENT = gql`
|
||||
|
@ -34,6 +34,9 @@ export const CONFIG = gql`
|
||||
}
|
||||
}
|
||||
}
|
||||
reports {
|
||||
allowed
|
||||
}
|
||||
actorId
|
||||
}
|
||||
location {
|
||||
|
@ -39,6 +39,9 @@ export interface IConfig {
|
||||
};
|
||||
};
|
||||
};
|
||||
reports: {
|
||||
allowed: boolean;
|
||||
};
|
||||
actorId: string;
|
||||
};
|
||||
maps: {
|
||||
|
@ -272,7 +272,7 @@
|
||||
<b-icon icon="calendar-plus" />
|
||||
</span>
|
||||
</b-dropdown-item>
|
||||
<b-dropdown-item aria-role="listitem">
|
||||
<b-dropdown-item aria-role="listitem" v-if="ableToReport">
|
||||
<span @click="isReportModalActive = true">
|
||||
{{ $t("Report") }}
|
||||
<b-icon icon="flag" />
|
||||
@ -750,14 +750,25 @@ export default class Event extends EventMixin {
|
||||
|
||||
async reportEvent(content: string, forward: boolean) {
|
||||
this.isReportModalActive = false;
|
||||
// @ts-ignore
|
||||
this.$refs.reportModal.close();
|
||||
if (!this.event.organizerActor) return;
|
||||
const eventTitle = this.event.title;
|
||||
let reporterId = null;
|
||||
if (this.currentActor.id) {
|
||||
reporterId = this.currentActor.id;
|
||||
} else {
|
||||
if (this.config.anonymous.reports.allowed) {
|
||||
reporterId = this.config.anonymous.actorId;
|
||||
}
|
||||
}
|
||||
if (!reporterId) return;
|
||||
try {
|
||||
await this.$apollo.mutate<IReport>({
|
||||
mutation: CREATE_REPORT,
|
||||
variables: {
|
||||
eventId: this.event.id,
|
||||
reporterId: this.currentActor.id,
|
||||
reporterId,
|
||||
reportedId: this.event.organizerActor.id,
|
||||
content,
|
||||
forward,
|
||||
@ -996,6 +1007,12 @@ export default class Event extends EventMixin {
|
||||
await removeAnonymousParticipation(this.uuid);
|
||||
this.anonymousParticipation = null;
|
||||
}
|
||||
|
||||
get ableToReport(): boolean {
|
||||
return (
|
||||
this.config && (this.currentActor.id != undefined || this.config.anonymous.reports.allowed)
|
||||
);
|
||||
}
|
||||
}
|
||||
</script>
|
||||
<style lang="scss" scoped>
|
||||
|
@ -154,7 +154,7 @@ import Subtitle from "../components/Utils/Subtitle.vue";
|
||||
};
|
||||
},
|
||||
update: (data) =>
|
||||
data.loggedUser.participations.map(
|
||||
data.loggedUser.participations.elements.map(
|
||||
(participation: IParticipant) => new Participant(participation)
|
||||
),
|
||||
skip() {
|
||||
|
@ -89,6 +89,9 @@ defmodule Mobilizon.GraphQL.Resolvers.Config do
|
||||
}
|
||||
}
|
||||
},
|
||||
reports: %{
|
||||
allowed: Config.anonymous_reporting?()
|
||||
},
|
||||
actor_id: Config.anonymous_actor_id()
|
||||
},
|
||||
geocoding: %{
|
||||
|
@ -60,9 +60,10 @@ defmodule Mobilizon.GraphQL.Resolvers.Event do
|
||||
end
|
||||
end
|
||||
|
||||
def check_event_access(%Event{local: true}), do: true
|
||||
@spec check_event_access(Event.t()) :: boolean()
|
||||
defp check_event_access(%Event{local: true}), do: true
|
||||
|
||||
def check_event_access(%Event{url: url}) do
|
||||
defp check_event_access(%Event{url: url}) do
|
||||
relay_actor_id = Config.relay_actor_id()
|
||||
Events.check_if_event_has_instance_follow(url, relay_actor_id)
|
||||
end
|
||||
|
@ -7,6 +7,7 @@ defmodule Mobilizon.GraphQL.Resolvers.Report do
|
||||
|
||||
alias Mobilizon.Actors
|
||||
alias Mobilizon.Actors.Actor
|
||||
alias Mobilizon.Config
|
||||
alias Mobilizon.Reports
|
||||
alias Mobilizon.Reports.{Note, Report}
|
||||
alias Mobilizon.Users.User
|
||||
@ -47,7 +48,7 @@ defmodule Mobilizon.GraphQL.Resolvers.Report do
|
||||
def create_report(
|
||||
_parent,
|
||||
%{reporter_id: reporter_id} = args,
|
||||
%{context: %{current_user: user}} = _resolution
|
||||
%{context: %{current_user: %User{} = user}} = _resolution
|
||||
) do
|
||||
with {:is_owned, %Actor{}} <- User.owns_actor(user, reporter_id),
|
||||
{:ok, _, %Report{} = report} <- API.Reports.report(args) do
|
||||
@ -61,6 +62,31 @@ defmodule Mobilizon.GraphQL.Resolvers.Report do
|
||||
end
|
||||
end
|
||||
|
||||
@doc """
|
||||
Create a report anonymously if allowed
|
||||
"""
|
||||
def create_report(
|
||||
_parent,
|
||||
%{reporter_id: reporter_id} = args,
|
||||
_resolution
|
||||
) do
|
||||
with {:anonymous_reporting_allowed, true} <-
|
||||
{:anonymous_reporting_allowed, Config.anonymous_reporting?()},
|
||||
{:wrong_id, true} <- {:wrong_id, reporter_id == to_string(Config.anonymous_actor_id())},
|
||||
{:ok, _, %Report{} = report} <- API.Reports.report(args) do
|
||||
{:ok, report}
|
||||
else
|
||||
{:anonymous_reporting_allowed, _} ->
|
||||
{:error, "You need to be logged-in to create reports"}
|
||||
|
||||
{:wrong_id, _} ->
|
||||
{:error, "Reporter ID is not the anonymous actor id"}
|
||||
|
||||
_error ->
|
||||
{:error, "Error while saving report"}
|
||||
end
|
||||
end
|
||||
|
||||
def create_report(_parent, _args, _resolution) do
|
||||
{:error, "You need to be logged-in to create reports"}
|
||||
end
|
||||
|
@ -59,6 +59,7 @@ defmodule Mobilizon.GraphQL.Schema.ConfigType do
|
||||
object :anonymous do
|
||||
field(:participation, :anonymous_participation)
|
||||
field(:event_creation, :anonymous_event_creation)
|
||||
field(:reports, :anonymous_reports)
|
||||
field(:actor_id, :id)
|
||||
end
|
||||
|
||||
@ -100,6 +101,10 @@ defmodule Mobilizon.GraphQL.Schema.ConfigType do
|
||||
field(:enabled, :boolean)
|
||||
end
|
||||
|
||||
object :anonymous_reports do
|
||||
field(:allowed, :boolean)
|
||||
end
|
||||
|
||||
object :resource_provider do
|
||||
field(:type, :string)
|
||||
field(:endpoint, :string)
|
||||
|
@ -139,6 +139,10 @@ defmodule Mobilizon.Config do
|
||||
:enabled
|
||||
]
|
||||
|
||||
@spec anonymous_reporting? :: boolean
|
||||
def anonymous_reporting?,
|
||||
do: Application.get_env(:mobilizon, :anonymous)[:reports][:allowed]
|
||||
|
||||
def instance_resource_providers do
|
||||
types = get_in(Application.get_env(:mobilizon, Mobilizon.Service.ResourceProviders), [:types])
|
||||
|
||||
|
@ -1,9 +1,11 @@
|
||||
defmodule Mobilizon.GraphQL.Resolvers.ReportTest do
|
||||
use Mobilizon.Web.ConnCase
|
||||
use Mobilizon.Tests.Helpers
|
||||
|
||||
import Mobilizon.Factory
|
||||
|
||||
alias Mobilizon.Actors.Actor
|
||||
alias Mobilizon.Config
|
||||
alias Mobilizon.Events.Event
|
||||
alias Mobilizon.Reports.{Note, Report}
|
||||
alias Mobilizon.Users.User
|
||||
@ -11,67 +13,124 @@ defmodule Mobilizon.GraphQL.Resolvers.ReportTest do
|
||||
alias Mobilizon.GraphQL.AbsintheHelpers
|
||||
|
||||
describe "Resolver: Report a content" do
|
||||
@create_report_mutation """
|
||||
mutation CreateReport($reporterId: ID!, $reportedId: ID!, $eventId: ID, $content: String) {
|
||||
createReport(
|
||||
reporterId: $reporterId,
|
||||
reportedId: $reportedId,
|
||||
eventId: $eventId,
|
||||
content: $content
|
||||
) {
|
||||
content,
|
||||
reporter {
|
||||
id
|
||||
},
|
||||
event {
|
||||
id
|
||||
},
|
||||
status
|
||||
}
|
||||
}
|
||||
"""
|
||||
|
||||
clear_config([:anonymous, :reports])
|
||||
|
||||
setup %{conn: conn} do
|
||||
Mobilizon.Config.clear_config_cache()
|
||||
anonymous_actor_id = Config.anonymous_actor_id()
|
||||
{:ok, conn: conn, anonymous_actor_id: anonymous_actor_id}
|
||||
end
|
||||
|
||||
test "create_report/3 creates a report", %{conn: conn} do
|
||||
%User{} = user_reporter = insert(:user)
|
||||
%Actor{} = reporter = insert(:actor, user: user_reporter)
|
||||
%Actor{} = reported = insert(:actor)
|
||||
%Event{} = event = insert(:event, organizer_actor: reported)
|
||||
|
||||
mutation = """
|
||||
mutation {
|
||||
createReport(
|
||||
reporter_id: #{reporter.id},
|
||||
reported_id: #{reported.id},
|
||||
event_id: #{event.id},
|
||||
content: "This is an issue"
|
||||
) {
|
||||
content,
|
||||
reporter {
|
||||
id
|
||||
},
|
||||
event {
|
||||
id
|
||||
},
|
||||
status
|
||||
}
|
||||
}
|
||||
"""
|
||||
|
||||
res =
|
||||
conn
|
||||
|> auth_conn(user_reporter)
|
||||
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
||||
|> AbsintheHelpers.graphql_query(
|
||||
query: @create_report_mutation,
|
||||
variables: %{
|
||||
reportedId: reported.id,
|
||||
reporterId: reporter.id,
|
||||
eventId: event.id,
|
||||
content: "This is an issue"
|
||||
}
|
||||
)
|
||||
|
||||
assert json_response(res, 200)["errors"] == nil
|
||||
assert json_response(res, 200)["data"]["createReport"]["content"] == "This is an issue"
|
||||
assert json_response(res, 200)["data"]["createReport"]["status"] == "OPEN"
|
||||
assert json_response(res, 200)["data"]["createReport"]["event"]["id"] == to_string(event.id)
|
||||
assert res["errors"] == nil
|
||||
assert res["data"]["createReport"]["content"] == "This is an issue"
|
||||
assert res["data"]["createReport"]["status"] == "OPEN"
|
||||
assert res["data"]["createReport"]["event"]["id"] == to_string(event.id)
|
||||
|
||||
assert json_response(res, 200)["data"]["createReport"]["reporter"]["id"] ==
|
||||
assert res["data"]["createReport"]["reporter"]["id"] ==
|
||||
to_string(reporter.id)
|
||||
end
|
||||
|
||||
test "create_report/3 without being connected doesn't create any report", %{conn: conn} do
|
||||
%Actor{} = reported = insert(:actor)
|
||||
|
||||
mutation = """
|
||||
mutation {
|
||||
createReport(
|
||||
reported_id: #{reported.id},
|
||||
reporter_id: 5,
|
||||
content: "This is an issue"
|
||||
) {
|
||||
content
|
||||
}
|
||||
}
|
||||
"""
|
||||
res =
|
||||
conn
|
||||
|> AbsintheHelpers.graphql_query(
|
||||
query: @create_report_mutation,
|
||||
variables: %{
|
||||
reportedId: reported.id,
|
||||
reporterId: 5,
|
||||
content: "This is an issue"
|
||||
}
|
||||
)
|
||||
|
||||
assert res["errors"] |> hd |> Map.get("message") ==
|
||||
"You need to be logged-in to create reports"
|
||||
end
|
||||
|
||||
test "create_report/3 anonymously creates a report if config has allowed", %{
|
||||
conn: conn,
|
||||
anonymous_actor_id: anonymous_actor_id
|
||||
} do
|
||||
%Actor{} = reported = insert(:actor)
|
||||
Config.put([:anonymous, :reports, :allowed], true)
|
||||
|
||||
res =
|
||||
conn
|
||||
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
||||
|> AbsintheHelpers.graphql_query(
|
||||
query: @create_report_mutation,
|
||||
variables: %{
|
||||
reportedId: reported.id,
|
||||
reporterId: anonymous_actor_id,
|
||||
content: "This is an issue"
|
||||
}
|
||||
)
|
||||
|
||||
assert json_response(res, 200)["errors"] |> hd |> Map.get("message") ==
|
||||
"You need to be logged-in to create reports"
|
||||
assert is_nil(res["errors"])
|
||||
assert res["data"]["createReport"]["content"] == "This is an issue"
|
||||
assert res["data"]["createReport"]["status"] == "OPEN"
|
||||
|
||||
assert res["data"]["createReport"]["reporter"]["id"] ==
|
||||
to_string(anonymous_actor_id)
|
||||
end
|
||||
|
||||
test "create_report/3 anonymously doesn't creates a report if the anonymous actor ID is wrong",
|
||||
%{conn: conn} do
|
||||
%Actor{} = reported = insert(:actor)
|
||||
Config.put([:anonymous, :reports, :allowed], true)
|
||||
|
||||
res =
|
||||
conn
|
||||
|> AbsintheHelpers.graphql_query(
|
||||
query: @create_report_mutation,
|
||||
variables: %{
|
||||
reportedId: reported.id,
|
||||
reporterId: 53,
|
||||
content: "This is an issue"
|
||||
}
|
||||
)
|
||||
|
||||
assert res["errors"] |> hd |> Map.get("message") ==
|
||||
"Reporter ID is not the anonymous actor id"
|
||||
end
|
||||
end
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user